In recent years, a method of black box security test that is referred to as the “Fuzz testing” has become widely used. The Fuzz testing tool detects vulnerability by applying a large amount of various kinds of test data, which are considered to be effective for detecting vulnerability, to a product to be tested. For example, attempts to find an unknown vulnerability, such as a buffer overflow, an integer overflow, etc., are taken using the Fuzz testing tool. In recent years, the Fuzz testing tool has been allowed for use for any person, which may permit a malicious person to easily find an unknown vulnerability.
It is ideal to take a firm security countermeasure for a product to be connected to a network against attacks from the network at a point of sales. However, in many cases, a vulnerability of a product may be newly found after the product is sold and transferred to a consumer. Such a product may include many component parts. Among these component parts, there may be a black box module of which interior cannot be checked easily. That is, the black box module includes a source code that cannot be inspected. Additionally, there may be a vulnerability that can be found only after the sold product is incorporated into the system of the purchaser. Further, if a vulnerability is found in the sold product, it takes a time to distribute the updated software to take a countermeasure against the vulnerability.
Thus, it is an urgent need to take a countermeasure against an unknown vulnerability of a product. Conventionally, there exists a technique to detect a vulnerability at an application program level by automatically scanning a source code of the application program (for example, refer to Japanese Laid-Open Patent Application No. 2010-507165).
Additionally, there exists a technique to take an analysis of the cause of occurrence of an abnormality and a countermeasure process for recovery by successively accumulating and displaying abnormal ending operation data generated during the operation of the application (for example, refer to Japanese Laid-Open Patent Application No. H6-35857).
Further, there exists a communication device capable of communicating with a server connected through a network that determines, when a mail message is received from the POPS server, whether the mail message contains an error, and registers a unique ID of the mail message determined as containing an error, and rejecting the reception of the mail message having a mail message number the same as the mail message having the registered unique ID (for example, refer to Japanese Laid-Open Patent Application No. 2003-323383).